Steps to reload zone files automatically?
Harshith Mulky
2020-07-01 05:55:23 UTC
Hello

Is there an automatic way of reloading the zone files rather than using rndc reload or a named restart?

Are there any methods or links which can be shared to help us reload the zone files automatically once we make changes to the zone files (cron methods or shell scripts)?

We are running bind with version as below

# rpm -qi bind
Name : bind
Version : 9.9.5P1
Release : 2.2.2
Architecture: x86_64
Install Date: Tue Oct 17 16:46:22 2017
Group : Productivity/Networking/DNS/Servers
Size : 747523
License : ISC
Signature : RSA/SHA256, Tue Oct 7 04:18:01 2014, Key ID b88b2fd43dbdc284
Source RPM : bind-9.9.5P1-2.2.2.src.rpm
Build Date : Tue Oct 7 04:17:04 2014
Build Host : cloud124
Relocations : (not relocatable)
Packager : http://bugs.opensuse.org
Vendor : openSUSE
URL : http://isc.org/sw/bind/
Summary : Domain Name System (DNS) Server (named)
Description :
Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols and provides an openly redistributable
reference implementation of the major components of the Domain Name
System. This package includes the components to operate a DNS server.
Distribution: openSUSE 13.2
sataradnsVM1:~ #
Erich Eckner
2020-07-01 07:21:16 UTC
Post by Harshith Mulky
Hello
Hi,
Post by Harshith Mulky
Is there an automatic way we could use reloading the zone files rather than
using rndc reload or named restart?
Shouldn't the design be that whoever changes the zone file runs "rndc
reload" afterwards?
Post by Harshith Mulky
Any methods or links which can be shared to help us reload the zone files
automatically once we make changes to the zone files ( cron methods or shell
scripts)
If you really want to go down that path (see suggestion above), have a look at
inotifywait from inotifytools (I'm not sure what the package is called in
SUSE):

https://linux.die.net/man/1/inotifywait
regards,
Erich
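
A sketch of the inotifywait approach suggested above, added here as an example and not part of the original post. It validates the changed file with named-checkzone and reloads only that one zone. The directory and the "<zone>.zone" naming scheme are assumptions.

```shell
#!/bin/sh
# Added example. Assumptions (not from the thread): zone files live in
# ZONE_DIR and are named "<zone>.zone".
ZONE_DIR="${ZONE_DIR:-/var/lib/named/master}"

# Map a changed file name to a zone name. Fails for editor temp/backup
# files, paths, and anything that is not "<zone>.zone".
zone_for_file() {
    case "$1" in
        .*|*~|*.swp|*.tmp|*/*) return 1 ;;
        ?*.zone) printf '%s\n' "${1%.zone}" ;;
        *) return 1 ;;
    esac
}

# Reload a single zone, but only if its file passes named-checkzone.
# CHECKZONE and RNDC can be overridden (used for dry runs and testing).
reload_if_valid() {
    zone=$1 file=$2
    if "${CHECKZONE:-named-checkzone}" -q "$zone" "$file"; then
        "${RNDC:-rndc}" reload "$zone"
    else
        echo "refusing to reload $zone: $file failed named-checkzone" >&2
        return 1
    fi
}

watch_zones() {
    # close_write catches in-place saves, moved_to catches atomic renames.
    inotifywait -m -q -e close_write -e moved_to --format '%f' "$ZONE_DIR" |
    while IFS= read -r f; do
        zone=$(zone_for_file "$f") || continue
        reload_if_valid "$zone" "$ZONE_DIR/$f"
    done
}

# Start watching only when asked, so the functions can also be sourced.
if [ "${1:-}" = "watch" ]; then
    watch_zones
fi
```

Run it as "script watch" under an account that may use rndc; a file that fails validation leaves the previously loaded zone data in service.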
G.W. Haywood
2020-07-01 15:06:21 UTC
Hi there,
Post by Harshith Mulky
Is there an automatic way we could use reloading the zone files
rather than using rndc reload or named restart?
It should be trivial to implement this, but I'm not sure that I'd want
to do it on a server of mine.
Post by Harshith Mulky
We are running bind with version as below
# rpm -qi bind
Name : bind
Version : 9.9.5P1
...
https://kb.isc.org/docs/bind-9-end-of-life-dates
Post by Harshith Mulky
Date: Wed, 08 Jun 2016 20:09:54 +1000
...
bind-9.8.2-0.17.rc1.el6.x86_64
Upgrade.
Plus ça change, plus c'est la même chose...
--
73,
Ged.
Chuck Aurora
2020-07-01 21:21:20 UTC
Post by Harshith Mulky
Is there an automatic way we could use reloading the zone files
rather than using rndc reload or named restart?
Within named, no. Furthermore a restart of named for changed zone
data was never a good idea. Likewise, "rndc reload" only makes sense
when numerous zones were changed at one time; otherwise you would use
"rndc reload zone-name [view-name]".
Post by Harshith Mulky
Any methods or links which can be shared to help us reload the zone
files automatically once we make changes to the zone files ( cron
methods or shell scripts)
A different paradigm which would do this better would be to use
dynamic zones (RFC 2136.) To do this you would set an update-policy
for the zone[s] (or globally) and submit updates using nsupdate(8)
or other RFC 2136 client.

Ideally you would ONLY use dynamic updates to change zone data, but
there's also freeze and thaw functions in rndc(8) for those who want
to edit a zone file for Old Time's Sake. (The freeze will lose your
zone updates history.)

Dynamic DNS is covered well in the BIND 9 ARM. There are probably
also some articles at the ISC KB.
Tony Finch
2020-07-02 21:04:49 UTC
Chuck Aurora <***@nodns4.us> wrote:

nice domain name :-)
Post by Chuck Aurora
Post by Harshith Mulky
Any methods or links which can be shared to help us reload the zone
files automatically once we make changes to the zone files ( cron
methods or shell scripts)
A different paradigm which would do this better would be to use
dynamic zones (RFC 2136.) To do this you would set an update-policy
for the zone[s] (or globally) and submit updates using nsupdate(8)
or other RFC 2136 client.
Yes, this is the way I like to do things. Specifically, it's fairly easy
if you configure your zones with `update-policy local`, and you use
`nsupdate -l` to modify the zone. That way you get a fairly secure setup
with very little configuration effort.

You're all probably bored of me plugging nsdiff, but I wrote it to make
it easier to update zones this way - http://dotat.at/prog/nsdiff/
(My production zones are updated by a cron job that feeds database dumps
into nspatch, and I edit my test and personal zones using nsvi, both of
which are wrappers around nsdiff and nsupdate.)
Post by Chuck Aurora
Ideally you would ONLY use dynamic updates to change zone data, but
there's also freeze and thaw functions in rndc(8) for those who want
to edit a zone file for Old Time's Sake. (The freeze will lose your
zone updates history.)
You can preserve the history if you configure the zone with
`ixfr-from-differences`.

Tony.
--
f.anthony.n.finch <***@dotat.at> http://dotat.at/
democracy, participation, and the co-operative principle
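
The `update-policy local` plus `nsupdate -l` route described in the last two posts, as an added example that is not code from any poster in this thread. The zone name, file path and helper function names are placeholders, and the helpers are narrowed to single-token record data (A, AAAA, CNAME, NS).

```shell
#!/bin/sh
# Added example. Assumed zone stanza in named.conf (placeholder names):
#   zone "example.com" {
#       type master;
#       file "dyn/example.com.zone";
#       update-policy local;   # accept updates signed with the local session key
#   };

# Reject empty values and anything that could smuggle extra nsupdate
# commands into the batch (spaces, newlines, quotes, semicolons ...).
safe_field() {
    case "$1" in
        ''|*[!A-Za-z0-9._:-]*) return 1 ;;
    esac
}

# Emit an nsupdate batch that replaces the RRset <name> <type> in <zone>.
build_update() {
    zone=$1 name=$2 ttl=$3 type=$4 rdata=$5
    for v in "$zone" "$name" "$type" "$rdata"; do
        safe_field "$v" || { echo "bad field: $v" >&2; return 1; }
    done
    case "$ttl" in
        ''|*[!0-9]*) echo "bad ttl: $ttl" >&2; return 1 ;;
    esac
    printf 'zone %s\n' "$zone"
    printf 'update delete %s %s\n' "$name" "$type"
    printf 'update add %s %s %s %s\n' "$name" "$ttl" "$type" "$rdata"
    printf 'send\n'
}

# Apply the batch. nsupdate -l uses named's local session key and only
# talks to the server on this host, so it must run on the name server.
apply_update() {
    batch=$(build_update "$@") || return 1
    printf '%s\n' "$batch" | nsupdate -l
}
```

For example, `apply_update example.com. www.example.com. 300 A 192.0.2.10` replaces the A record set; named bumps the serial and journals the change, so no reload is needed.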